Twenty Year Anniversary
Showing 1 - 18 of 18 RSS Feed

Files from Wolfgang Ettlinger

First Active2013-04-03
Last Active2018-09-27
Citrix StorageZones Controller Improper Access Restrictions / Traversal
Posted Sep 27, 2018
Authored by Wolfgang Ettlinger | Site sec-consult.com

Citrix StorageZones Controller versions prior to 5.4.2 suffer from padding oracle, improper access restriction, and path traversal vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2018-16968, CVE-2018-16969
MD5 | 25f551df2535dadd811ace404a1ecd28
Oracle Access Manager 11.1.2.3.0 / 12.2.1.3.0 Authentication Bypass
Posted May 4, 2018
Authored by Wolfgang Ettlinger | Site sec-consult.com

Oracle Access Manager versions 11.1.2.3.0 and 12.2.1.3.0 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2018-2879
MD5 | b2d1fa8ff54174534c11d0df06d323dd
SecurEnvoy SecurMail 9.1.501 XSS / CSRF / Traversal
Posted Mar 12, 2018
Authored by Wolfgang Ettlinger | Site sec-consult.com

SecurEnvoy SecurMail version 9.1.501 suffers from cross site request forgery, cross site scripting, insecure direct object reference, missing authentication and authorization, and path traversal vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2018-7701, CVE-2018-7702, CVE-2018-7703, CVE-2018-7704, CVE-2018-7705, CVE-2018-7706, CVE-2018-7707
MD5 | 34ce6bc45859e685368a551d86ff08e2
Micro Focus VisiBroker C++ 8.5 SP2 Memory Corruption
Posted Oct 16, 2017
Authored by Wolfgang Ettlinger | Site sec-consult.com

Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2017-9281, CVE-2017-9282, CVE-2017-9283
MD5 | 49e5b10ae54b8581b0809387e9a79239
OSCI-Transport Library 1.2 Padding Oracle / Signature Wrapping / XXE Injection
Posted Jun 30, 2017
Authored by Wolfgang Ettlinger, Marc Nimmerrichter | Site sec-consult.com

OSCI-Transport library version 1.2 for German e-Government suffers from padding oracle, signature wrapping, and XML external entity injection vulnerabilities.

tags | advisory, vulnerability, xxe
advisories | CVE-2017-10668, CVE-2017-10669, CVE-2017-10670
MD5 | 852b54bfa71394caa84d2551937c6f52
EnCase Forensic Imager 7.10 Buffer Overflow
Posted May 12, 2017
Authored by Wolfgang Ettlinger | Site sec-consult.com

Guidance Software EnCase Forensic Imager versions 7.10 and below suffer from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 187545df23898b8d46492129016e88f4
EnCase Forensic Imager 7.10 Denial Of Service / Heap Buffer Overflow
Posted Nov 29, 2016
Authored by Wolfgang Ettlinger | Site sec-consult.com

EnCase Forensic Imager versions 7.10 and below suffer from denial of service and heap-based buffer overflow vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | 1c5bac58a0fdaf56c3881bb3ed6e6585
Micro Focus GroupWise Cross Site Scripting / Overflows
Posted Aug 25, 2016
Authored by Wolfgang Ettlinger | Site sec-consult.com

Micro Focus GroupWise version 2014 R2 SP1 and below suffer from buffer overflow, cross site scripting, and integer overflow vulnerabilities.

tags | exploit, overflow, vulnerability, xss
advisories | CVE-2016-5760, CVE-2016-5761, CVE-2016-5762
MD5 | 6b54a385df31372c3fbf7bd670761a24
Micro Focus Filr CSRF / XSS / Code Execution
Posted Jul 25, 2016
Authored by Wolfgang Ettlinger | Site sec-consult.com

Multiple Micro Focus Filr appliances suffer from cross site request forgery, cross site scripting, command injection, insecure design, missing cookie flag, authentication bypass, poor permission, and path traversal vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2016-1607, CVE-2016-1608, CVE-2016-1609, CVE-2016-1610, CVE-2016-1611
MD5 | a5fc9da404b4e72d05033b99d55f7fbc
WSO2 Identity Server 5.0.0 XSS / CSRF / XXE Injection
Posted May 13, 2015
Authored by Wolfgang Ettlinger | Site sec-consult.com

WSO2 Identity Server version 5.0.0 suffers from XML external entity injection, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf, xxe
MD5 | cab780534e71ce8a0a440f53b27066ea
Kodi/XBMC 14 Cross Site Request Forgery
Posted Jan 14, 2015
Authored by Wolfgang Ettlinger | Site sec-consult.com

Kodi/XBMC versions 14 and below suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | 2b1422311d81ea0e325951bcd953ad3e
NetIQ eDirectory NDS iMonitor 8.8 SP8 / 8.8 SP7 XSS / Memory Disclosure
Posted Dec 20, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

NetIQ eDirectory NDS iMonitor versions 8.8 SP8 and 8.8 SP7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-5212, CVE-2014-5213
MD5 | aee8af210596cb47ba67c201dc2dfff7
NetIQ Access Manager 4.0 SP1 XSS / CSRF / XXE Injection / Disclosure
Posted Dec 19, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

NetIQ Access Manager version 4.0 SP1 suffers from cross site request forgery, external entity injection, information disclosure, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2014-5214, CVE-2014-5215, CVE-2014-5216, CVE-2014-5217
MD5 | 28770947a64f6a9552aa49662c955abe
G-Parted 0.14.1 Command Execution
Posted Dec 19, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

G-Parted versions 0.14.1 and below suffer from a root privilege escalation command execution vulnerability.

tags | exploit, root
advisories | CVE-2014-7208
MD5 | 28d3c773f64a591079003cff8dc0d441
ADF Faces 12.1.2.0 Cross Site Scripting
Posted Oct 15, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

ADF Faces version 12.1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 92cfe913c70c05fd20b854dbac5bf753
Rhythm Software File Manager [HD] Disclosure / Escalation / Injection
Posted Apr 2, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

Rhythm Software File Manager version 1.16.6 and Rhythm Software File Manager HD version 1.11.5 suffer from local file disclosure, privilege escalation, and unauthenticated remote command injection vulnerabilities.

tags | advisory, remote, local, vulnerability
MD5 | f9a496de63fd6fbd9f9526c0873be934
Symantec Web Gateway XSS / CSRF / SQL Injection / Command Injection
Posted Jul 26, 2013
Authored by Wolfgang Ettlinger | Site sec-consult.com

Symantec Web Gateway versions 5.1.0.* and below suffer from cross site request forgery, cross site scripting, command injection, and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection, csrf
advisories | CVE-2013-1616, CVE-2013-1617, CVE-2013-4670, CVE-2013-4671, CVE-2013-4672
MD5 | eba6575ed59d8f516b66606c704e60c2
Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution
Posted Apr 3, 2013
Authored by Wolfgang Ettlinger | Site sec-consult.com

Sophos Web Protection Appliance version 3.7.8.1 suffers from OS command injection, cross site scripting, and file disclosure vulnerabilities.

tags | exploit, web, vulnerability, xss
advisories | CVE-2013-2641, CVE-2013-2642, CVE-2013-2643
MD5 | 01c4c0a97f30967135856c6d7e09d3fd
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close